home.social

#libexpat — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #libexpat, aggregated by home.social.

  1. 🔎 CVE-2025-59375: HIGH severity in libexpat (<2.7.2) — attackers can remotely exhaust system memory via crafted small XML docs, causing DoS. Patch to 2.7.2+ or mitigate with input controls. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #libexpat #InfoSec

  4. Oh, my! libexpat.github.io/doc/users/ yes, many of these projects are insignificant or obsolete, but what remains! If these got broken! Oh, sh*! #FLOSS #libexpat #SBOM #vulnerability #XML

  9. Unpopular opinion: If your hobby is responsible for running the modern world, you deserve to be paid a living wage for running it.

    #xz #expat #libexpat

  14. Any experienced C developers among my followers? #BoostsWelcome.

    Expat, arguably the world's most popular #XML parser, is understaffed and without funding. As #xz has shown, situations like this are dangerous.

    Last month, maintainer Sebastian Pipping put up a plea for help at github.com/libexpat/libexpat/b

    (I would help myself, but my C skills barely surpass "Hello, World".)

    Found via @timbray - cosocial.ca/@timbray/112203547

    #libexpat
    #SoftwareSupplyChainSecurity #OpenSource #OpenSourceMaintainer
    #C

  19. Counter-example: a UAF was found and the UAF was fixed, rather than the bug being “papered over” with a quarantine.

    OpenBSD 7.1 errata 010, September 23, 2022:

    In libexpat fix heap use-after-free vulnerability CVE-2022-40674.

    #security #c #uaf #libexpat

    P.S. All #OpenBSD users have a great reason to run syspatch

  20. Attackers could use a security vulnerability in the Expat library for processing XML to break into vulnerable systems.
    XML parser Expat allows attackers to inject malicious code